This module addresses and analyses an evolving domain of security activity on the Internet. ‘Security’ is defined quite widely here. So ‘security’ ranges from nation-state attacks on civilians in times of peace, to the piratical behaviour of major companies that have used data acquisition as a business model to terrorists who use it as a platform for recruitment and training. Pretty much anything goes so long as it is about ones and zeroes.

Cyber presents endless intellectual challenges for students of international security. This is primarily because the Internet often tears up existing boundaries and borders. In the realm of cyber, defensive security work and aggressive surveillance tend to blur together - as does hacking for purposes of sabotage. Offensive cyber tends to be ‘owned’ by intelligence agencies in many countries, but is privatised in others.

There is as yet little agreement about the risks that governments confront when they develop or deploy cyber weapons, and even less agreement about whether deterrence is possible in cyberspace. One of the risks is that advanced methods are exposed in any attack, or may be leaked, and so non-state actors learn dangerous techniques that then proliferate. These are some of the reasons why there has been a call for a Digital Geneva Convention that would ban offensive cyber weapons.

Cyber is no longer monopolised by government. Instead, a complex interplay of states, corporations, regional and international organisations together with civil society are engaged in its international policing and standard setting, ensuring that it is one of the most fascinating aspects of accelerating security activity.